Vulnerability Details CVE-2019-15016
An SQL injection vulnerability exists in the management interface of Zingbox Inspector versions 1.288 and earlier, that allows for unsanitized data provided by an authenticated user to be passed from the web UI into the database.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2019-15016
-
cpe:2.3:a:zingbox:inspector:-
-
cpe:2.3:a:zingbox:inspector:1.280
-
cpe:2.3:a:zingbox:inspector:1.281
-
cpe:2.3:a:zingbox:inspector:1.286
-
cpe:2.3:a:zingbox:inspector:1.287
-
cpe:2.3:a:zingbox:inspector:1.288